Windows Recall stores everything you do on a plain text database? Let's see how hard is that to hack

Apparently, the database has no encryption or extra protection

News

Reading time icon 2 min. read

Calendar icon Published on

by Claudiu Andone 

published on

Share this article

Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team Read more

Windows Recall records everything you do in an unencrypted text database

Following user uncertainty regarding the Windows Recall feature, Microsoft calmed everybody, stating that the data collected by Windows Recall is only available locally on your PC. However, what we didn’t know, and just found out from Kevin Beumont on X, that data is far from being safe.

How does Windows Recall stores your data?

Allegedly, the date is stored on a flimsy plain text database that can be grabbed with an automated tool as simple as picking apples from a tree.

The caption posted by Beaumont, we can see that he was able to access all PC actions and app usage with some detail on the side, to make everything even more spicy. The coder explains this simple hack in a later post:

It’s just an SQLite database, feature ships in a few weeks – I’ve already modded it into an Infostealer hosted on Microsoft’s Github (a few lines of code).

And this is not all! He states that even the WhatsApp, Signal and Teams messages are recorded by Windows Recall:

I’ve tested this with messaging apps like WhatsApp, Signal and Teams. Somebody message you with disappearing messages? They’re recorded anyway. Write a disappearing message? It’s recorded. Delete a message? It’s recorded.

Beaumont also described the whole process on a Mastodon thread, where Albacore confirmed this hack.

Long story short, someone would still hack into your machine or your network and if your PC has shared resources, all your history with actions and messages are up for grabs. So, no additional security protection? No kind of encryption? Well, until Microsoft makes things a lot more clear in this department, here’s our guide on how to disable Windows 11 Recall.

Will you keep the Windows Recall feature enabled? Write your thoughts in the comments section below.

More about the topics: windows recall

Claudiu Andone

Claudiu Andone Shield

Windows Toubleshooting Expert

Oldtimer in the tech and science press, Claudiu is focused on whatever comes new from Microsoft. His abrupt interest in computers started when he saw the first Home Computer as a kid. However, his passion for Windows and everything related became obvious when he became a sys admin in a computer science high school. With 14 years of experience in writing about everything there is to know about science and technology, Claudiu also likes rock music, chilling in the garden, and Star Wars. May the force be with you, always!